Description
The utils.html.strip_tags function in Django 1.6.x before 1.6.11, 1.7.x before 1.7.7, and 1.8.x before 1.8c1, when using certain versions of Python, allows remote attackers to cause a denial of service (infinite loop) by increasing the length of the input string.
Remediation
References
Related Vulnerabilities
Joomla! Core 1.5.x Multiple Cross-Site Scripting Vulnerabilities (1.5.0 - 1.5.20)
Jenkins Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-2609)
IBM RTC Cross-site Scripting (XSS) Vulnerability (CVE-2020-4691)
Oracle JRE CVE-2013-0351 Vulnerability (CVE-2013-0351)
WordPress Plugin Thank You Counter Button Multiple Cross-Site Scripting Vulnerabilities (1.8.7)